2月11日消息,谷歌旗下安全团队Mandiant披露,一个与朝鲜有关联的黑客组织,正利用深度伪造视频与虚假Zoom通话,对加密货币行业发动高度定制化的社会工程攻击,并通过植入多种恶意程序实施资产与数据窃取。
调查显示,该行动由网络威胁组织UNC1069发起。该团伙至少自2018年活跃,并在2023年后将目标从传统金融转向Web3领域,包括加密金融科技公司高管、软件开发者和风投从业者。此次事件始于一名业内高管的Telegram账户被劫持,攻击者以其身份接触目标,建立信任后发送伪造的Calendly视频会议邀请。
受害者点击链接后,被引导至攻击者控制的假Zoom域名。通话中,对方展示了一段疑似另一家加密公司CEO的深度伪造视频,并以“音频故障”为由,诱导目标在电脑上运行所谓的排错命令。这些命令在macOS和Windows系统中触发感染链,悄然部署多达七种恶意软件。
Mandiant确认,这些工具可窃取Keychain凭据、浏览器Cookie、登录信息、Telegram会话及本地敏感文件。研究人员判断,攻击者一方面意在直接获取加密资产,另一方面也在收集情报,为后续诈骗铺路。单台设备中部署如此多工具,表明这是一次精心策划的定点渗透。
这一事件并非孤例。2025年,类似的AI会议诈骗已造成超过3亿美元损失;全年与朝鲜相关的网络行动共窃取约20.2亿美元数字资产,同比增长51%。Chainalysis还指出,结合链上AI服务的诈骗团伙,其效率显著高于传统模式。
随着深度伪造门槛持续降低,加密行业正面临前所未有的安全挑战。专家提醒,涉及资金与系统权限的线上会议,必须强化多重验证与设备隔离,否则将成为下一波攻击的突破口。
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Gerelateerde artikelen
$1.2M in Profits Tied to Insider-Linked Addresses in ZachXBT Market Bet
_Eight insider-linked wallets captured $1.2M in profits, mostly from single-market bets placed before odds shifted._
On-chain data has intensified scrutiny around a Polymarket event linked to a ZachXBT insider probe. Trading records show heavy profit concentration among a small cluster of wallet
LiveBTCNews3u geleden
ZachXBT Alleges Axiom Employee Misused Internal Data - Unchained
ZachXBT alleges an Axiom employee misused internal tools to access private user wallet data for profit and shared it with a select group tracking traders. Axiom responded by revoking access and initiating an investigation amid rising concerns about data ethics in crypto.
UnchainedCrypto3u geleden
韩国国税厅新闻稿不慎曝光助记词,约 480 万美元扣押加密货币遭窃
韩国国税厅对124名高额拖欠税款者进行了搜查,公开了包含加密硬件钱包助记词的照片,导致400万枚PRTG代币被转走,损失约64亿韩元(约480万美元)。分析指出,窃取者分三次转移代币并使用少量以太坊作为手续费。
GateNews4u geleden
Axiom Employee Allegedly Exploits Dashboard for Insider Trading
Allegations against Axiom Exchange reveal that Broox Bauer exploited internal dashboards to track private wallets for insider trading schemes, targeting high-volume traders. The lack of access controls raises significant security concerns, prompting calls for investigation.
CryptoFrontNews7u geleden
AI加密货币诈骗暴增500%!生成式人工智能成黑客新武器,单笔收益翻4.5倍
TRM Labs报告称,过去一年AI加密货币诈骗活动激增约500%。黑客利用AI生成钓鱼邮件和虚假网站,深度伪造技术加速情感诈骗。2025年非法加密交易规模预计达1580亿美元,安全防御亟需升级。
GateNews7u geleden
XRP Ledger 基金会确认修复尚未启用的一项修订中的严重漏洞
XRP Ledger 基金会已确认修复了一项严重漏洞,该漏洞存在于 Ripple 的签名验证逻辑中,可能允许攻击者盗取资金。该修正案尚未在主网上激活,目前建议验证者投票反对。紧急版本已于 2 月 23 日发布以防止漏洞利用。
TechubNews9u geleden
